Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7hSN1ZJFgOAcKVRAjrSC4mMf33E.roa
File:                     7hSN1ZJFgOAcKVRAjrSC4mMf33E.roa (raw, json)
Hash identifier:          vP69qCh3tIsv8EJiPBjEtdvfwO9cFkDmVlxDauc8sN8=
Subject key identifier:   EE:14:8D:D5:92:45:80:E0:1C:29:54:40:8E:B4:82:E2:63:1F:DF:71
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0189024313A24D335FE447C8905901923F7A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7hSN1ZJFgOAcKVRAjrSC4mMf33E.roa
Signing time:             Wed 28 Jun 2023 13:48:17 +0000
ROA not before:           Wed 28 Jun 2023 13:48:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203758
IP address blocks:        89.213.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 16:16:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:02:43:13:a2:4d:33:5f:e4:47:c8:90:59:01:92:3f:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 28 13:48:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee148dd5924580e01c2954408eb482e2631fdf71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c6:c1:f9:5b:02:52:da:58:66:10:ca:2f:1d:
                    05:af:90:0e:20:51:3c:87:80:88:4f:59:21:db:49:
                    78:13:97:07:6a:bf:f3:3a:46:3a:9c:f6:c7:c2:04:
                    71:ef:e1:65:4e:1c:f9:1b:75:c6:1c:76:ae:e2:7d:
                    ff:92:5c:32:19:2d:c2:e8:cd:49:b5:56:51:7f:83:
                    25:ea:49:63:3c:7d:d5:18:33:f8:36:e0:5a:16:8b:
                    05:dc:50:03:34:c3:38:de:ac:bb:83:41:3f:38:cb:
                    93:20:b3:1a:18:97:53:95:9c:7c:a0:dc:7b:0e:c8:
                    0f:fb:ec:f1:13:ca:f6:22:fa:8a:56:4d:6c:91:7c:
                    f9:a6:9e:be:81:68:d1:43:a7:c1:db:5e:42:70:f2:
                    c2:08:21:b1:66:5e:4f:c3:8c:2c:8c:1e:4a:b5:69:
                    49:a7:42:ac:16:2c:b4:d5:d5:2a:51:75:82:0d:55:
                    31:33:1d:d1:2f:ca:e2:11:04:70:b5:68:3f:d8:2c:
                    20:e4:dc:fe:74:ab:ec:87:91:f2:55:17:3e:43:dd:
                    6e:1a:c8:d6:c7:fd:22:90:fd:2d:1e:da:35:3b:c3:
                    ae:0c:c6:bb:52:d9:be:53:d3:d0:58:ab:4d:bc:98:
                    df:fd:a6:d0:6e:bc:f0:e7:18:79:96:c0:30:39:04:
                    01:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:14:8D:D5:92:45:80:E0:1C:29:54:40:8E:B4:82:E2:63:1F:DF:71
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7hSN1ZJFgOAcKVRAjrSC4mMf33E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:0f:65:ba:07:90:58:39:58:f2:a3:78:82:eb:c7:c7:73:84:
         7a:d3:ea:cf:d6:22:e1:6b:8a:52:f7:59:cc:d7:cd:c4:ce:ae:
         20:a4:bf:a3:03:eb:e3:14:49:af:35:61:72:e3:2e:97:63:08:
         e1:b3:18:b9:68:18:52:a9:b0:96:f3:b6:17:a7:2b:bd:93:9f:
         21:2e:b0:58:1c:c3:d5:e8:d3:96:12:29:12:ad:53:e6:15:6f:
         51:2b:dc:9e:01:40:d8:5a:d6:74:19:09:ba:a1:2b:f7:21:91:
         22:5d:de:bb:4c:5d:d6:ed:33:2b:22:4b:dc:56:07:d4:00:fd:
         5d:32:0b:59:96:b6:05:63:7c:48:a2:cc:66:cc:21:9d:cf:06:
         0b:0d:64:f4:14:2b:45:ad:39:c4:3e:ba:c5:d4:ee:60:01:82:
         d9:47:f5:ee:f6:2a:05:35:a3:c7:13:5c:28:a6:e5:58:ac:2f:
         b3:ed:c5:79:02:69:8b:dd:2b:66:d6:02:4c:3b:45:e1:c0:23:
         ed:65:70:11:59:b6:0b:17:4a:cf:94:4e:7a:99:76:9a:75:38:
         48:5b:67:39:cf:78:85:85:03:21:b6:f3:be:57:c3:5c:c2:51:
         73:8c:36:23:8c:45:cc:33:5a:b7:93:4c:0b:07:a9:e2:91:9d:
         bb:62:d6:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkCQxOiTTNf5EfIkFkBkj96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI4MTM0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE0OGRkNTkyNDU4MGUwMWMyOTU0NDA4ZWI0ODJlMjYzMWZkZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8bB+VsCUtpYZhDKLx0Fr5AOIFE8
h4CIT1kh20l4E5cHar/zOkY6nPbHwgRx7+FlThz5G3XGHHau4n3/klwyGS3C6M1J
tVZRf4Ml6kljPH3VGDP4NuBaFosF3FADNMM43qy7g0E/OMuTILMaGJdTlZx8oNx7
DsgP++zxE8r2IvqKVk1skXz5pp6+gWjRQ6fB215CcPLCCCGxZl5Pw4wsjB5KtWlJ
p0KsFiy01dUqUXWCDVUxMx3RL8riEQRwtWg/2Cwg5Nz+dKvsh5HyVRc+Q91uGsjW
x/0ikP0tHto1O8OuDMa7Utm+U9PQWKtNvJjf/abQbrzw5xh5lsAwOQQBbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4UjdWSRYDgHClUQI60guJjH99xMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN2hTTjFaSkZnT0FjS1ZSQWpyU0M0bU1mMzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWDMA0G
CSqGSIb3DQEBCwUAA4IBAQAvD2W6B5BYOVjyo3iC68fHc4R60+rP1iLha4pS91nM
183Ezq4gpL+jA+vjFEmvNWFy4y6XYwjhsxi5aBhSqbCW87YXpyu9k58hLrBYHMPV
6NOWEikSrVPmFW9RK9yeAUDYWtZ0GQm6oSv3IZEiXd67TF3W7TMrIkvcVgfUAP1d
MgtZlrYFY3xIosxmzCGdzwYLDWT0FCtFrTnEPrrF1O5gAYLZR/Xu9ioFNaPHE1wo
puVYrC+z7cV5AmmL3Stm1gJMO0XhwCPtZXARWbYLF0rPlE56mXaadThIW2c5z3iF
hQMhtvO+V8NcwlFzjDYjjEXMM1q3k0wLB6nikZ27YtYZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org